Whoops that should be http://www.cisco.com/public/cons/isp/security/
-----Original Message----- From: owner-nanog@merit.edu [mailto:owner-nanog@merit.edu]On Behalf Of Barry Raveendran Greene Sent: Wednesday, September 04, 2002 1:29 PM To: John Crain; 'Jeffrey Meltzer'; nanog@merit.edu Subject: RE: IRR listing of IANA-reserved, a question..
List the 128-191/8 allocations first. Getting this information from the RIR's has been tedious. After that, details on each /8 for all 256 lines would be useful. It is a stepping stone to some of other suggestions that are bound to come out of this thread.
Rob Thomas and I have been playing around with a more stricter ingress prefix filter template to help ISPs get out of the "I only filter RFC1918" rut. You can check out the drafts at:
http://www.cisco.com/public/con/isp/security/
The big question was a consensus on how to handle a template recommendation for the old B space and C.
-----Original Message----- From: owner-nanog@merit.edu [mailto:owner-nanog@merit.edu]On Behalf Of John Crain Sent: Wednesday, September 04, 2002 1:04 AM To: 'Jeffrey Meltzer'; nanog@merit.edu Subject: RE: IRR listing of IANA-reserved, a question..
http://www.iana.org/assignments/ipv4-address-space
If folks want me to split it to show 256 lines (one per /8) I can have that happen. Don't want to have multiple sources of the data, so for now that's probably easiest.
I'll watch this discussion with interest. If people think something is useful at the IANA level I'll do my best to make it happen.
_________________________________________ John Crain Manager of Technical Operations ICANN
crain@icann.org 1AF4 F638 4B2D 3EF2 F9BA 99E4 8D85 69A7 _________________________________________
-----Original Message----- From: owner-nanog@merit.edu [mailto:owner-nanog@merit.edu] On Behalf Of Jeffrey Meltzer Sent: Tuesday, September 03, 2002 11:54 PM To: nanog@merit.edu Subject: Re: IRR listing of IANA-reserved, a question..
Wouldn't the easiest (at least short term) thing be for IANA (or someone else authoritative-like) to put up a text file (not that I'm really sure how many blocks this entails) available via http or ftp for people to periodically wget, etc.
Surely IANA, ARIN, or someone else has some type of up-to date database that they could script, etc to generate this file?
On Tue, Sep 03, 2002 at 06:36:04PM -0700, John M. Brown wrote:
First, standard disclaimers.. 1. This is a technical email. 2. I'm not speaking for any organization, other than ME.
In the last 72 hours I've seen over 3GB of data hit a
network I play
with with source IP's of IANA-RESERVED space.
Various people have reported seeing IANA-RSERVED get announced via BGP at different parts of the net.
Various people maintain lists of IANA-RESERVED space and other such "special use or reserved" prefixes.
These lists are used by others to generate filters, ACL's and the like.
When IANA allocates a new prefix to a RIR, these lists have to be updated manually. Sometime after the space has been put into service and someone complains.
Give the above, would it make sense for:
A) The IANA to maintain a IRR/RADB type database that would allow for the auto generation of filters and ACL's based *purely* on RESERVED IANA space. No other prefixs would be listed.
or
B) For one or more of the RIR's (APNIC, ARIN, LACNIC, RIPE, etc) to maintain such a database, again only IANA-RSERVED space.
or
C) One of the existing well known IRR/RADB's to maintain the db ?
If such a database was available, would YOU use it ?
Would it help your network operations?
Would it be of a possitive or negative nature to your network?
Lets try to stay away from the obvious potential flames and other religous statements.
Thank you.
John Brown Speaking a single person